static void ngx_mail_proxy_smtp_handler(ngx_event_t *rev) { u_char *p; ngx_int_t rc; ngx_str_t line; ngx_buf_t *b; ngx_connection_t *c; ngx_mail_session_t *s; ngx_mail_proxy_conf_t *pcf; ngx_mail_core_srv_conf_t *cscf; ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy smtp auth handler"); c = rev->data; s = c->data; if (rev->timedout) { ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "upstream timed out"); c->timedout = 1; ngx_mail_proxy_internal_server_error(s); return; } rc = ngx_mail_proxy_read_response(s, s->mail_state); if (rc == NGX_AGAIN) { return; } if (rc == NGX_ERROR) { ngx_mail_proxy_upstream_error(s); return; } switch (s->mail_state) { case ngx_smtp_start: ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send ehlo"); s->connection->log->action = "sending HELO/EHLO to upstream"; cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module); line.len = sizeof("HELO ") - 1 + cscf->server_name.len + 2; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); p = ngx_cpymem(line.data, ((s->esmtp || pcf->xclient) ? "EHLO " : "HELO "), sizeof("HELO ") - 1); p = ngx_cpymem(p, cscf->server_name.data, cscf->server_name.len); *p++ = CR; *p = LF; if (pcf->xclient) { s->mail_state = ngx_smtp_helo_xclient; } else if (s->auth_method == NGX_MAIL_AUTH_NONE) { s->mail_state = ngx_smtp_helo_from; } else { s->mail_state = ngx_smtp_helo; } break; case ngx_smtp_helo_xclient: ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send xclient"); s->connection->log->action = "sending XCLIENT to upstream"; line.len = sizeof("XCLIENT ADDR= LOGIN= NAME=" CRLF) - 1 + s->connection->addr_text.len + s->login.len + s->host.len; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } line.len = ngx_sprintf(line.data, "XCLIENT ADDR=%V%s%V NAME=%V" CRLF, &s->connection->addr_text, (s->login.len ? " LOGIN="******""), &s->login, &s->host) - line.data; if (s->smtp_helo.len) { s->mail_state = ngx_smtp_xclient_helo; } else if (s->auth_method == NGX_MAIL_AUTH_NONE) { s->mail_state = ngx_smtp_xclient_from; } else { s->mail_state = ngx_smtp_xclient; } break; case ngx_smtp_xclient_helo: ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send client ehlo"); s->connection->log->action = "sending client HELO/EHLO to upstream"; line.len = sizeof("HELO " CRLF) - 1 + s->smtp_helo.len; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } line.len = ngx_sprintf(line.data, ((s->esmtp) ? "EHLO %V" CRLF : "HELO %V" CRLF), &s->smtp_helo) - line.data; s->mail_state = (s->auth_method == NGX_MAIL_AUTH_NONE) ? ngx_smtp_helo_from : ngx_smtp_helo; break; case ngx_smtp_helo_from: case ngx_smtp_xclient_from: ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send mail from"); s->connection->log->action = "sending MAIL FROM to upstream"; line.len = s->smtp_from.len + sizeof(CRLF) - 1; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } p = ngx_cpymem(line.data, s->smtp_from.data, s->smtp_from.len); *p++ = CR; *p = LF; s->mail_state = ngx_smtp_from; break; case ngx_smtp_from: ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send rcpt to"); s->connection->log->action = "sending RCPT TO to upstream"; line.len = s->smtp_to.len + sizeof(CRLF) - 1; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } p = ngx_cpymem(line.data, s->smtp_to.data, s->smtp_to.len); *p++ = CR; *p = LF; s->mail_state = ngx_smtp_to; break; case ngx_smtp_helo: case ngx_smtp_xclient: case ngx_smtp_to: b = s->proxy->buffer; if (s->auth_method == NGX_MAIL_AUTH_NONE) { b->pos = b->start; } else { ngx_memcpy(b->start, smtp_auth_ok, sizeof(smtp_auth_ok) - 1); b->last = b->start + sizeof(smtp_auth_ok) - 1; } s->connection->read->handler = ngx_mail_proxy_handler; s->connection->write->handler = ngx_mail_proxy_handler; rev->handler = ngx_mail_proxy_handler; c->write->handler = ngx_mail_proxy_handler; pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); ngx_add_timer(s->connection->read, pcf->timeout); ngx_del_timer(c->read); c->log->action = NULL; ngx_log_error(NGX_LOG_INFO, c->log, 0, "client logged in"); ngx_mail_proxy_handler(s->connection->write); return; default: #if (NGX_SUPPRESS_WARN) line.len = 0; line.data = NULL; #endif break; } if (c->send(c, line.data, line.len) < (ssize_t) line.len) { /* * we treat the incomplete sending as NGX_ERROR * because it is very strange here */ ngx_mail_proxy_internal_server_error(s); return; } s->proxy->buffer->pos = s->proxy->buffer->start; s->proxy->buffer->last = s->proxy->buffer->start; }
static void ngx_mail_proxy_pop3_handler(ngx_event_t *rev) { u_char *p; ngx_int_t rc; ngx_str_t line; ngx_connection_t *c; ngx_mail_session_t *s; ngx_mail_proxy_conf_t *pcf; ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy pop3 auth handler"); c = rev->data; s = c->data; if (rev->timedout) { ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "upstream timed out"); c->timedout = 1; ngx_mail_proxy_internal_server_error(s); return; } rc = ngx_mail_proxy_read_response(s, 0); if (rc == NGX_AGAIN) { return; } if (rc == NGX_ERROR) { ngx_mail_proxy_upstream_error(s); return; } switch (s->mail_state) { case ngx_pop3_start: ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send user"); s->connection->log->action = "sending user name to upstream"; line.len = sizeof("USER ") - 1 + s->login.len + 2; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } p = ngx_cpymem(line.data, "USER ", sizeof("USER ") - 1); p = ngx_cpymem(p, s->login.data, s->login.len); *p++ = CR; *p = LF; s->mail_state = ngx_pop3_user; break; case ngx_pop3_user: ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send pass"); s->connection->log->action = "sending password to upstream"; line.len = sizeof("PASS ") - 1 + s->passwd.len + 2; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } p = ngx_cpymem(line.data, "PASS ", sizeof("PASS ") - 1); p = ngx_cpymem(p, s->passwd.data, s->passwd.len); *p++ = CR; *p = LF; s->mail_state = ngx_pop3_passwd; break; case ngx_pop3_passwd: s->connection->read->handler = ngx_mail_proxy_handler; s->connection->write->handler = ngx_mail_proxy_handler; rev->handler = ngx_mail_proxy_handler; c->write->handler = ngx_mail_proxy_handler; pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); ngx_add_timer(s->connection->read, pcf->timeout, NGX_FUNC_LINE); ngx_del_timer(c->read, NGX_FUNC_LINE); c->log->action = NULL; ngx_log_error(NGX_LOG_INFO, c->log, 0, "client logged in"); ngx_mail_proxy_handler(s->connection->write); return; default: #if (NGX_SUPPRESS_WARN) ngx_str_null(&line); #endif break; } if (c->send(c, line.data, line.len) < (ssize_t) line.len) { /* * we treat the incomplete sending as NGX_ERROR * because it is very strange here */ ngx_mail_proxy_internal_server_error(s); return; } s->proxy->buffer->pos = s->proxy->buffer->start; s->proxy->buffer->last = s->proxy->buffer->start; }
static void ngx_mail_proxy_imap_handler(ngx_event_t *rev) { u_char *p; ngx_int_t rc; ngx_str_t line; ngx_connection_t *c; ngx_mail_session_t *s; ngx_mail_proxy_conf_t *pcf; ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy imap auth handler"); c = rev->data; s = c->data; if (rev->timedout) { ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "upstream timed out"); c->timedout = 1; ngx_mail_proxy_internal_server_error(s); return; } rc = ngx_mail_proxy_read_response(s, s->mail_state); if (rc == NGX_AGAIN) { return; } if (rc == NGX_ERROR) { ngx_mail_proxy_upstream_error(s); return; } switch (s->mail_state) { case ngx_imap_start: ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send login"); s->connection->log->action = "sending LOGIN command to upstream"; line.len = s->tag.len + sizeof("LOGIN ") - 1 + 1 + NGX_SIZE_T_LEN + 1 + 2; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } line.len = ngx_sprintf(line.data, "%VLOGIN {%uz}" CRLF, &s->tag, s->login.len) - line.data; s->mail_state = ngx_imap_login; break; case ngx_imap_login: ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send user"); s->connection->log->action = "sending user name to upstream"; line.len = s->login.len + 1 + 1 + NGX_SIZE_T_LEN + 1 + 2; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } line.len = ngx_sprintf(line.data, "%V {%uz}" CRLF, &s->login, s->passwd.len) - line.data; s->mail_state = ngx_imap_user; break; case ngx_imap_user: ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send passwd"); s->connection->log->action = "sending password to upstream"; line.len = s->passwd.len + 2; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } p = ngx_cpymem(line.data, s->passwd.data, s->passwd.len); *p++ = CR; *p = LF; s->mail_state = ngx_imap_passwd; break; case ngx_imap_passwd: s->connection->read->handler = ngx_mail_proxy_handler; s->connection->write->handler = ngx_mail_proxy_handler; rev->handler = ngx_mail_proxy_handler; c->write->handler = ngx_mail_proxy_handler; pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); ngx_add_timer(s->connection->read, pcf->timeout); ngx_del_timer(c->read); c->log->action = NULL; ngx_log_error(NGX_LOG_INFO, c->log, 0, "client logged in"); ngx_mail_proxy_handler(s->connection->write); return; default: #if (NGX_SUPPRESS_WARN) line.len = 0; line.data = NULL; #endif break; } if (c->send(c, line.data, line.len) < (ssize_t) line.len) { /* * we treat the incomplete sending as NGX_ERROR * because it is very strange here */ ngx_mail_proxy_internal_server_error(s); return; } s->proxy->buffer->pos = s->proxy->buffer->start; s->proxy->buffer->last = s->proxy->buffer->start; }
/* 与POP3邮件服务器认证交互的过程 */ static void ngx_mail_proxy_pop3_handler(ngx_event_t *rev) { u_char *p; ngx_int_t rc; ngx_str_t line;//保存发往上游邮件服务器的消息 ngx_connection_t *c; ngx_mail_session_t *s; ngx_mail_proxy_conf_t *pcf; ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy pop3 auth handler"); c = rev->data;//获取nginx与上游的连接 s = c->data;//获取ngx_mail_session_t结构体 /* 如果读取上游邮件服务器响应超时,则向客户端发送错误响应 */ if (rev->timedout) { ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "upstream timed out"); c->timedout = 1; ngx_mail_proxy_internal_server_error(s); return; } rc = ngx_mail_proxy_read_response(s, 0);//读取上游邮件服务器发来的响应到buffer缓冲区中 /* 还需要继续接收邮件服务器的消息 */ if (rc == NGX_AGAIN) { return; } /* 消息不合法或者邮件服务器没有通过验证,则返回错误给客户端 */ if (rc == NGX_ERROR) { ngx_mail_proxy_upstream_error(s); return; } switch (s->mail_state) { case ngx_pop3_start://构造发送给邮件服务器的用户消息 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send user"); s->connection->log->action = "sending user name to upstream"; line.len = sizeof("USER ") - 1 + s->login.len + 2; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } p = ngx_cpymem(line.data, "USER ", sizeof("USER ") - 1); p = ngx_cpymem(p, s->login.data, s->login.len); *p++ = CR; *p = LF; s->mail_state = ngx_pop3_user; break; case ngx_pop3_user://构造发送给邮件服务器的密码信息 ngx_log_debug0(NGX_LOG_DEBUG_MAIL, rev->log, 0, "mail proxy send pass"); s->connection->log->action = "sending password to upstream"; line.len = sizeof("PASS ") - 1 + s->passwd.len + 2; line.data = ngx_pnalloc(c->pool, line.len); if (line.data == NULL) { ngx_mail_proxy_internal_server_error(s); return; } p = ngx_cpymem(line.data, "PASS ", sizeof("PASS ") - 1); p = ngx_cpymem(p, s->passwd.data, s->passwd.len); *p++ = CR; *p = LF; s->mail_state = ngx_pop3_passwd; break; /* 在收到服务器返回的密码验证通过信息后,将nginx与下游客户端间、nginx与上游邮件服务器间的TCP连接上读写事件 的回调方法都设置为ngx_main_proxy_handler方法*/ case ngx_pop3_passwd: s->connection->read->handler = ngx_mail_proxy_handler; s->connection->write->handler = ngx_mail_proxy_handler; rev->handler = ngx_mail_proxy_handler; c->write->handler = ngx_mail_proxy_handler; pcf = ngx_mail_get_module_srv_conf(s, ngx_mail_proxy_module); ngx_add_timer(s->connection->read, pcf->timeout); ngx_del_timer(c->read); c->log->action = NULL; ngx_log_error(NGX_LOG_INFO, c->log, 0, "client logged in"); ngx_mail_proxy_handler(s->connection->write);//进入透传上下游TCP阶段 return; default: #if (NGX_SUPPRESS_WARN) ngx_str_null(&line); #endif break; } /* 向上游的邮件服务器发送验证消息,注意,这里向邮件服务器发送TCP流与以前情况不同,它不再通过epoll检测到TCP连接上出现可写事件而触发。 事实上,它是由连接上出现的可读事件触发的,因为读取到了邮件服务器的消息,才向邮件服务器发送消息,之所以可以这么做的一个原因在于,当前 阶段发送的TCP消息包都非常短小*/ if (c->send(c, line.data, line.len) < (ssize_t) line.len) { /* * we treat the incomplete sending as NGX_ERROR * because it is very strange here */ ngx_mail_proxy_internal_server_error(s); return; } /* 清空buffer缓冲区 */ s->proxy->buffer->pos = s->proxy->buffer->start; s->proxy->buffer->last = s->proxy->buffer->start; }